Update: If any of this has happened to you, please leave a comment at the bottom of the page and let me know which state you live in, this seems to be happening especially to people who have paid traffic fines in NYC.
I had the unfortunate experience of having a fraudulent transaction posted to my Visa Debit Card this week. To make a very long story very short, someone, somehow gathered my details, including my credit card number, expiry etc and my billing address. They then used this information to purchase a software license online.
Luckily I pay close attention to my bank statements and picked this up while the amount was still “pending”. Unfortunately at this stage banks can’t do anything about the payments. But I did contact the merchant directly.
DRI*ELEMENT5.COM was the indicator on my account, and having visited their website it was apparent that they get a lot of queries such as mine, considering that their customer service page is entirely a form to look up orders (with email address and last 5 digits of the credit card used). I checked just in case, with multiple email addresses as I have a tendency to do a lot of online shopping.
It turns out that Element5.com is part of Digital River. They are essentially providers of e-commerce to various clients, predominantly software developers. While I cannot and do not blame the merchant at all, it does seem that they fall into one of those categories where a lot of fraud could occur due to the intangible product that does not need to be physically delivered.
If by chance you need to contact them, ELEMENT5.com’s phone number is 1800 406 4966. They were friendly about it all, confirmed that it definitely was not me that made the purchase and reversed the charges. What is interesting is that whoever used my card also created an email address with my name in it. They would not tell me what that email was, but just that it contained my full name – so they really tried to make the best of it.
So my card has been cancelled and I now have to visit a branch with ID’s and all the fun procedures just to draw cash, but at least they can’t use that number anymore. It does worry me that they managed to gather all of my information, though.
Three possible scenarios so far:
1) Someone, maybe at a restaurant who physically had my card tracked down my address somehow and used my details. But this is unlikely.
2) Someone who I have bought with in the past had their data compromised and they had stupidly stored all my details.
3) The most likely is that a recent transaction was handled insecurely and someone along the way had picked up my details. In fact, I paid that parking ticket just a few hours before the fraudulent transaction and they had picked a product which was a very similar price ($2 difference).
Either way, I feel highly violated.
Update:
A lot of people have been mentioning that they are contacting their credit card company, while I went the route of contacting the biller.
Here’s the difference. If you contact your credit card company they will open a case of fraud. You will probably never hear anything back from them but they will reverse your charges.
If you contact the company directly, they will refund you almost immediately but you NOT be able to file for fraud with your credit card company as well.
So the choice is yours.